Matheson


Data Protection and Privacy

Related Expertise

Expertise

"Business acumen and an industry knowledge that leaves nothing lacking."
Chambers Global

Our cross departmental Data Protection Group is made up of specialists who provide advice to our wide range of clients including several of the world’s leading multi-nationals and financial institutions on the evolving area of data protection and privacy law. With significant reputational issues at stake, data protection and privacy has become an increasingly challenging management issue for all businesses particularly in the context of the newly proposed draft Data Protection Regulation, the increasing use of cloud computing, CCTV and biometics and the emphasis on data analytics. We have unrivalled experience in the Irish market in relation to these types of issues and other issues that arise in relation to Data Protection.

General compliance with the Data Protection Acts 1988 and 2003 and the EU Data Protection Directive (95/46/EC)

  • applicability and establishment questions
  • registrations and notifications
  • preparation and review of privacy policies
  • data processing arrangements with third parties
  • data protection in the workplace
  • record retention policies and advice
  • data subject access requests
  • use of cookies and similar technology
  • data protection training
  • direct marketing restrictions

International data transfers

  • model clauses
  • safe harbour
  • BCRs
  • jurisdictions deemed to have adequate protection

Dealing with the Office of the Irish Data Protection Commissioner

  • security breach incidents
  • data protection audits and “dawn raids”
  • dealing with investigations
  • information and enforcement notices

 

Experience Highlights

Lawyers in this group have a vast amount of experience across all aspects of data protection including:

  • advised a technology multi-national in relation to proposed outsourcing of certain data hosting and processing activities where Ireland was one of a select list of preferred jurisdictions from which services are to be provided
  • advised multinational genealogy client in relation to inter-group processing services, cross-jurisdictional data back-up arrangements and analysis of Irish registration requirements for data controllers and data processors
  • advised a multinational gaming client in respect of a proposed employee performance tracking initiative, including a risk assessment in relation to the types of data intended to be used, the scope of permitted use and suggested means of mitigating risk
  • advised a global medical diagnostics company with regard to the transfer of its sensitive personnel data to a new service provider and a medical imaging company in relation to the transfer of sensitive personal data outside of the EEA
  • advised multinational recruitment service provider on data protection issues relating to availability of personal data on general internet searches, cross-border data transfers and its suite of customer facing agreements and policies (both job providers and job searchers)
  • assisted multinational healthcare client in rapid response to a suspected data security breach at an Irish operations facility which included urgent advice on legislative requirements and the applicable Commissioner’s code of practice and assessment of the client’s breach management and response procedures against current standards
  • advised a multinational luxury goods brand (and a number of other on-line retailers) in relation to the collection, scope of permitted use and international transfer of customer data and drafted appropriate website privacy statements to ensure data protection compliance
  • we have advised a substantial number of multinational clients on the applicability of the Irish data protection regime to their operations, including IT product and service providers, financial institutions and service providers and SPVs

Accolades

The team at Matheson works at the forefront of IT developments in the market.
European Legal 500 2016

"Excellent depth of knowledge and a commercial approach."
Chambers Europe 2015

"This team understands our business concerns and delivers guidance in a concise, actionable and prompt manner."
Chambers Europe 2015

"The team is proactive and focused on service. The quality of legal advice is very high but also very commercial - you can work with the advice they give you."
Chambers Europe 2014

This team has considerable expertise in all areas and earns glowing client reviews for its business focus and outstanding negotiation skills.
Chambers Europe 2013

Matheson is rightly proud of its IT client base which include major players.
European Legal 500 2013

 

 

 

 

 

 

 

 

"Business acumen and an industry knowledge that leaves nothing lacking."
Chambers Global

Our cross departmental Data Protection Group is made up of specialists who provide advice to our wide range of clients including several of the world’s leading multi-nationals and financial institutions on the evolving area of data protection and privacy law. With significant reputational issues at stake, data protection and privacy has become an increasingly challenging management issue for all businesses particularly in the context of the newly proposed draft Data Protection Regulation, the increasing use of cloud computing, CCTV and biometics and the emphasis on data analytics. We have unrivalled experience in the Irish market in relation to these types of issues and other issues that arise in relation to Data Protection.

General compliance with the Data Protection Acts 1988 and 2003 and the EU Data Protection Directive (95/46/EC)

  • applicability and establishment questions
  • registrations and notifications
  • preparation and review of privacy policies
  • data processing arrangements with third parties
  • data protection in the workplace
  • record retention policies and advice
  • data subject access requests
  • use of cookies and similar technology
  • data protection training
  • direct marketing restrictions

International data transfers

  • model clauses
  • safe harbour
  • BCRs
  • jurisdictions deemed to have adequate protection

Dealing with the Office of the Irish Data Protection Commissioner

  • security breach incidents
  • data protection audits and “dawn raids”
  • dealing with investigations
  • information and enforcement notices

 


Lawyers in this group have a vast amount of experience across all aspects of data protection including:

  • advised a technology multi-national in relation to proposed outsourcing of certain data hosting and processing activities where Ireland was one of a select list of preferred jurisdictions from which services are to be provided
  • advised multinational genealogy client in relation to inter-group processing services, cross-jurisdictional data back-up arrangements and analysis of Irish registration requirements for data controllers and data processors
  • advised a multinational gaming client in respect of a proposed employee performance tracking initiative, including a risk assessment in relation to the types of data intended to be used, the scope of permitted use and suggested means of mitigating risk
  • advised a global medical diagnostics company with regard to the transfer of its sensitive personnel data to a new service provider and a medical imaging company in relation to the transfer of sensitive personal data outside of the EEA
  • advised multinational recruitment service provider on data protection issues relating to availability of personal data on general internet searches, cross-border data transfers and its suite of customer facing agreements and policies (both job providers and job searchers)
  • assisted multinational healthcare client in rapid response to a suspected data security breach at an Irish operations facility which included urgent advice on legislative requirements and the applicable Commissioner’s code of practice and assessment of the client’s breach management and response procedures against current standards
  • advised a multinational luxury goods brand (and a number of other on-line retailers) in relation to the collection, scope of permitted use and international transfer of customer data and drafted appropriate website privacy statements to ensure data protection compliance
  • we have advised a substantial number of multinational clients on the applicability of the Irish data protection regime to their operations, including IT product and service providers, financial institutions and service providers and SPVs

The team at Matheson works at the forefront of IT developments in the market.
European Legal 500 2016

"Excellent depth of knowledge and a commercial approach."
Chambers Europe 2015

"This team understands our business concerns and delivers guidance in a concise, actionable and prompt manner."
Chambers Europe 2015

"The team is proactive and focused on service. The quality of legal advice is very high but also very commercial - you can work with the advice they give you."
Chambers Europe 2014

This team has considerable expertise in all areas and earns glowing client reviews for its business focus and outstanding negotiation skills.
Chambers Europe 2013

Matheson is rightly proud of its IT client base which include major players.
European Legal 500 2013

 

 

 

 

 

 

 

 



About cookies on our website

Following a revised EU directive on website cookies, each company based, or doing business, in the EU is required to notify users about the cookies used on their website.

Our site uses cookies to improve your experience of certain areas of the site and to allow the use of specific functionality like social media page sharing. You may delete and block all cookies from this site, but as a result parts of the site may not work as intended.

To find out more about what cookies are, which cookies we use on this website and how to delete and block cookies, please see our Which cookies we use page.

Click on the button below to accept the use of cookies on this website (this will prevent the dialogue box from appearing on future visits)